karbon
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the membrane CLI tool to perform authentication and interact with the Karbon API.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli Node.js package, which is an official tool provided by the vendor.
- [PROMPT_INJECTION]: The skill processes external data from Karbon, creating a surface for indirect prompt injection. 1. Ingestion points: Data is retrieved from the Karbon API via membrane action run and membrane request (SKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided. 3. Capability inventory: The skill can perform data writes and network requests (SKILL.md). 4. Sanitization: No data sanitization steps are documented.
Audit Metadata